C&K Systems, the vendor identified by Goodwill as the source of a breach that impacted about 330 of its stores, has confirmed details of the 18-month breach of its "hosted managed services environment" affecting three of its clients.
When IBM unveiled BIOS - Basic Input/Output System - in 1981 with the introduction of its personal computer, few perceived it as a security threat. But now, NIST has issued a new guide to mitigate BIOS vulnerabilities in servers.
Experts review new allegations that have emerged about information security practices at Home Depot in the wake of the retailer confirming that it suffered a data breach resulting in the theft of an unknown quantity of credit and debit cards details.
Security experts see good news and bad in Apple's latest announcements. Upsides include Apple Pay and numerous privacy and security improvements in iOS 8. But after the celebrity photo leak, iCloud fixes remain missing.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
The PCI Security Standards Council has released an update to its guidance for merchants on protecting against card skimming attacks in POS environments that spells out best practices for addressing the latest attack scenarios.
Security experts are advising Google users to change their passwords in the wake of almost 5 million usernames and passwords surfacing on Russian cybercrime forums. But some of the stolen data may be several years old.
A Government Accountability Office report on agencies' oversight of the security of contractor-operated IT systems contains the revelation that the U.S. government does not know how many of its systems are run by vendors.
Now that Home Depot has confirmed its payments breach, industry experts weigh the possibility that the home-improvement giant's attack is linked to earlier breaches at Target, Sally Beauty and P.F. Chang's.
What steps can organizations take to mitigate insider fraud threats? Michael Theis of Carnegie Mellon, a featured speaker at ISMG's upcoming Fraud Summits in Toronto and London, explains why using data analytics is key.
Apple's advice to always use strong passwords and two-factor authentication ignores that image hackers are bypassing those controls - and celebrities aren't the only victims. Here's what needs to change.